net/cert/internal/test_helpers.cc - Issue 2832703002: Allow the TrustStore interface to return matching intermediates, and identify distrusted certs.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/internal/test_helpers.cc

Issue 2832703002: Allow the TrustStore interface to return matching intermediates, and identify distrusted certs. (Closed)

Patch Set: address comments Created 3 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/internal/test_helpers.cc

diff --git a/net/cert/internal/test_helpers.cc b/net/cert/internal/test_helpers.cc

index 80948c2318d3e8641affa4f738971cb28b6b1b54..ab8ed5510949b2a4f5496c06ca4d451f8ae86521 100644

--- a/net/cert/internal/test_helpers.cc

+++ b/net/cert/internal/test_helpers.cc

@@ -136,6 +136,7 @@ void ReadVerifyCertChainTestFromFile(const std::string& file_path_ascii,

bool has_result = false;

bool has_errors = false;

bool has_key_purpose = false;

+ bool has_trust_anchor = false;

PEMTokenizer pem_tokenizer(file_data, pem_headers);

while (pem_tokenizer.GetNext()) {

@@ -143,6 +144,7 @@ void ReadVerifyCertChainTestFromFile(const std::string& file_path_ascii,

const std::string& block_data = pem_tokenizer.data();

if (block_type == kCertificateHeader) {

+ ASSERT_FALSE(has_trust_anchor) << "Trust anchor must appear last";

CertErrors errors;

ASSERT_TRUE(net::ParsedCertificate::CreateAndAddToVector(

bssl::UniquePtr<CRYPTO_BUFFER>(CRYPTO_BUFFER_new(

@@ -152,7 +154,7 @@ void ReadVerifyCertChainTestFromFile(const std::string& file_path_ascii,

<< errors.ToDebugString();

} else if (block_type == kTrustAnchorUnconstrained ||

block_type == kTrustAnchorConstrained) {

- ASSERT_FALSE(test->trust_anchor) << "Duplicate trust anchor";

+ ASSERT_FALSE(has_trust_anchor) << "Duplicate trust anchor";

CertErrors errors;

scoped_refptr<ParsedCertificate> root = net::ParsedCertificate::Create(

bssl::UniquePtr<CRYPTO_BUFFER>(CRYPTO_BUFFER_new(

@@ -160,11 +162,12 @@ void ReadVerifyCertChainTestFromFile(const std::string& file_path_ascii,

block_data.size(), nullptr)),

{}, &errors);

ASSERT_TRUE(root) << errors.ToDebugString();

- test->trust_anchor =

- block_type == kTrustAnchorUnconstrained

- ? TrustAnchor::CreateFromCertificateNoConstraints(std::move(root))

- : TrustAnchor::CreateFromCertificateWithConstraints(

- std::move(root));

+ test->chain.push_back(std::move(root));

+ test->last_cert_trust =

+ (block_type == kTrustAnchorUnconstrained)

+ ? CertificateTrust::ForTrustAnchor()

+ : CertificateTrust::ForTrustAnchorEnforcingConstraints();

+ has_trust_anchor = true;

} else if (block_type == kTimeHeader) {

ASSERT_FALSE(has_time) << "Duplicate " << kTimeHeader;

has_time = true;

@@ -197,7 +200,7 @@ void ReadVerifyCertChainTestFromFile(const std::string& file_path_ascii,

ASSERT_TRUE(has_time);

ASSERT_TRUE(has_result);

- ASSERT_TRUE(test->trust_anchor);

+ ASSERT_TRUE(has_trust_anchor);

ASSERT_TRUE(has_key_purpose);

}

« components/cast_certificate/cast_cert_validator_test_helpers.cc ('K') | « net/cert/internal/test_helpers.h ('k') | net/cert/internal/trust_store.h » ('j') | no next file with comments »